Distribution Beats Encryption

calendar Dec 12, 2023 · 3 min read · FOSS

XMPP can be a nightmare to operate, but I still think it provides better long-term benefits than Signal, because XMPP without any encryption gives all the benefits of distribution, which grant better protection than encryption, overall.

XMPP is a Nightmare

My journey with XMPP so far has been:

  • Use OTR encryption.
  • Ask your friend a question in order to confirm their identity (I mean, she's standing right there, but fine).
  • Repeat for each contact, while pretending you're a reporter about to spill the beans on some major activity.
  • OTR no longer works, use omemo!
  • Omemo encryption isn't supported with profanity, try finding a plug-in.
  • Your phone is a different device (look at mister fancy, owning TWO DEVICES!), your keys won't work here.

I keep using encryption, because only techies message me through XMPP. However, the general population wouldn't have any problem using it without the encryption, and I think that's a better idea.

Signal Cannot be Our Solution

The problem is this: we need an instant messaging platform. All of us humans want a thing which does this:

  • Send text.
  • Send pictures.
  • Note who's online and who's not.

Our answer to the question of 'how to do this' has to be a protocol. To trust all communication to a single corporation in the USA would be madness.

I realize, of course, most people 'just want to get shit done [and not think about the broader implication]', and that Signal functions well-enough [for now]. However, I have plenty of problems with it.

  • If Signal wanted to perform some kind of sting on someone, they could (the app updates whatever they want it to update).
  • You can't use it without either using a proprietary app store, or downloading the APK and managing every.single.update manually.
  • The Signal corporation can track your phone number (which shows your location), and every login.
  • They once tried to create a shitcoin, and it was particularly bad.
  • They don't have a command-line interface.

Even with the best encryption in the world, if something goes wrong, then whoever makes Signal go wrong can track and read messages as they please.

Now, if we examine the same points again, while considering a wide-scale XMPP system with no end-to-end encryption (just regular TLS or some-such):

  • Any sting must target every server in the world - almost impossible.
  • Update automatically with your favourite package manager - no problem.
  • No implied tracking of anything, except your IP address visiting your local, friendly, server.
  • No shitcoins (it's a protocol, so you have to add your own shitcoins).
  • Multiple CLIs.

Of course a given XMPP server might get hacked, or pried open with laws, and a few people get tracked. But never everyone. The system itself can never fail.